Five steps to improve your WordPress website security

WordPress is increasingly popular for running small business websites. That popularity also means it’s a target for automated hack attempts. Here are five simple steps to increase your WordPress website security.

Keep up to date

The best way to stay safe is to keep your WordPress software and plugins up to date. The latest versions fix potential security issues. Take a backup first and test your site functionality such as contact forms and shopping carts afterwards though!

Use good passwords

Choose a long, random password. No pet names or other easy to crack passwords! It’s hard to remember random passwords, so store them using 1Password or something similar. It’s a good investment.

Hide the login page

Brute force attacks are made on the default WordPress login page. If you move the login page then these attacks are less of an issue. WPS Hide Login does a good job. Be careful that your site doesn’t use the login functionality for any plugins or they might break however.

Install a security plugin

The free WordFence and Sucuri security plugins tighten security and provide alerts of updates available and suspicious behaviour.

Only use trusted plugins and themes

It might be tempting to install plugins and themes from outside the WordPress marketplace or other trusted suppliers. This could open you up to malicious code though, so beware of any ‘free’ versions of commercial plugins or themes as they may have malware included.

Summary

We’ve discussed five simple steps here to increase the security of your WordPress website. If you need help updating or securing your WordPress website drop us a line and we’ll be happy to provide a quote.